You can use the security services available from the web container to secure Representational State Transfer (REST) resources. You can configure security mechanisms that define user authentication, transport security, authorization control, and user to role mappings.
You can secure Java API for RESTful Web Services (JAX-RS) resources by using annotations that specify security settings.
You can secure downstream Java API for RESTful Web Services (JAX-RS) resources by configuring the BasicAuth method for authentication and by using the LTPA JAX-RS security handler to take advantage of single sign-on for user authentication.
You can secure the communications between your Java API for RESTful Web Services (JAX-RS) application and clients that invoke the application by using Secure Sockets Layer (SSL) transport layer security.
You can use the administrative console to administer Java API for RESTful Web Services (JAX-RS) applications that have enabled security mechanisms.